|
|
Posted by J.O. Aho on 11/21/06 13:58
Usenet wrote:
> In article <1164059151.068794.94580@j44g2000cwa.googlegroups.com>,
> wrote:
>> Is there a way code a php mail script so that spammers cannot utilize
>> it to blast spam?
>
> The approach I'm using is to run a script to assemble and send the
> message. The web page has a variable set but this isn't the send
> address, it's reference to a table which holds the send address, hence
> this isn't visible anywhere in the html.
>
> This, of course, means emails only go to preset addresses, which may not
> be what you want.
It's not true, if you allow users to enter a FROM field which you then
directly without any filtering do assign to the mail() functions fourth input
variable, then they can use CC and BCC to send the mail to whom ever they want.
//Aho
Navigation:
[Reply to this message]
|